diff options
author | David Woodhouse <David.Woodhouse@intel.com> | 2016-07-08 20:46:07 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-08-04 20:56:23 +0100 |
commit | c8a18468caef4d62778381be0acdadc8a88d6e51 (patch) | |
tree | ade9880c63ce660ac716d1f1c6bc6871411850a8 | |
parent | 715d69b0d5fb5b873a923fc3f5c7b441ad73003c (diff) |
Fix SSL_export_keying_material() for DTLS1_BAD_VER
Commit d8e8590e ("Fix missing return value checks in SCTP") made the
DTLS handshake fail, even for non-SCTP connections, if
SSL_export_keying_material() fails. Which it does, for DTLS1_BAD_VER.
Apply the trivial fix to make it succeed, since there's no real reason
why it shouldn't even though we never need it.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
-rw-r--r-- | ssl/ssl_lib.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index df71f7b0dc..8c3c88e227 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2300,7 +2300,7 @@ int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, const unsigned char *p, size_t plen, int use_context) { - if (s->version < TLS1_VERSION) + if (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER) return -1; return s->method->ssl3_enc->export_keying_material(s, out, olen, label, |